+
Related Flashcards
Cards In This Set
| Front | Back |
|
What does level 5 in this enable secret global configuration mode command indicate?
router# enable secret level 5 password |
The enable secret password is for accessing exec privelege level 5
|
|
Which two functions are required for IPsec operation?
|
1. Using Internet Key Encryption (IKE) to negotiate the Security Association (SA).
2. Using Diffie-Hellman to establish a shared-secret key. |
|
How are Cisco IOS access control lists processed?
|
ACLs are matched from top down
|
|
Which access list permits HTTP traffic sourced from host 10.0.1.129.100 port 3030 destined to host 192.168.1.10?
|
Access-list 101 permit tcp 10.1.128.0 0.0.1.255 eq 3030 192.168.1.0 0.0.0.15 eq www
|
|
Explain the functions of the:
Control Plane Data Plane Management Plane |
Control Plane secures traffic destined to the router itself
Data Plane secures transit traffic through the router Management Plane secures router access |
|
Which two features are supported by Cisco IronPort Security Gateway?
|
Spam Protection
Email Encryption |
|
Which option is a feature of Cisco ScanSafe technology?
|
Consistent cloud-based policy
|
|
Which two characteristics represent a blended threat?
|
Trojan horse attack
day zero attack |
|
Under which higher-level policy is a VPN security policy categorized?
|
Remote access policy
|
|
router# sh run | include username
username test secret 5 $1$knm.$GOGQBIL8TK77P0LWxvX4O0 - What does the option secret 5 in the username global config mode command indicate about the user password? |
It is hashed using MD5
|
|
What does level 5 in this enable secret global configuration mode command indicate?
router# enable secret level 5 password |
The enable secret password is for accessing exec privelege level 5
|
|
Which Cisco management tool provides the ability to centrally provision all aspects of device configuration across the Cisco family of security products?
|
Cisco Security Manager
|
|
Which option is the correct representation of the IPv6 address:
2001:0000:150C:0000:0000:41B1:45A3:041D |
2001:0:150C::41B1:45A3:41D
|
|
Which three options are common examples of Authentication, authorization, and accounting (AAA) implementation on Cisco routers?
|
1. Authenticating remote users who are accessing the corporate LAN through IPsec VPN connections
2. Authenticating administrator access to the router console port, auxiliary port, and vty ports 3. Performing router commands authorization using TACACS+ |
|
When Authentication, authorization, and accounting (AAA) login authentication is configured on Cisco routers, which two authentication methods should be used as the final method to ensure that the administrator can still log in to the router in case the external AAA server fails?
|
1. Local
2. Enable |
